The Standard Formula Podcast | Solvency II Back to Basics: Third Country Branches and Cross-Border Provision of Services
In Part I, we discussed the European Commission’s (“Commission”) disapproval of Meta’s “pay or consent” subscription model. In Part II, we delve into the European Commission’s findings, prior findings by the European Data...more
On 1 July 2024, the European Commission (the ‘Commission’) announced its preliminary findings in an investigation of a leading social media platform, concluding that its ‘pay or consent’ advertising model implemented in the...more
Position paper informs Norwegian approach to AI, with sector-specific legislative amendments to regulate developments in AI. Laws/Regulations directly regulating AI (the “AI Regulations”) Currently, there are no...more
During 2023, privacy protection and artificial intelligence regulation continued apace and their implications continued to be a major focus in Israel and around the world. In Israel, this was reflected in a number of...more
In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more
2022 saw significant regulatory developments in the field of privacy protection in Israel and throughout the world. These developments directly affect companies whose business activities in Israel and internationally involve...more
The European Commission recently adopted an adequacy decision regarding the Republic of Korea’s data protection laws. As a result of this decision, personal data can freely flow between the EEA and South Korea without the...more
Best Practices for the Virginia Consumer Data Protection Act - The Virginia Consumer Data Protection Act (VCDA) Working Group of the Joint Commission on Technology and Science released its final report on best practices...more
On June 4, 2021, the European Commission adopted a new, highly anticipated set of standard contractual clauses to facilitate the transfer of personal data out of the European Economic Area (“EEA”) in accordance with the...more
After the political and constitutional upheaval of the last four years that has been Brexit, a trade deal - the EU-UK Trade and Cooperation Agreement - was finally reached between the United Kingdom (UK) and the European...more
In the wake of the Schrems II decision invalidating the the EU-US Privacy Shield, the US Department of Commerce has decided it should make lemonade out of the Schrems lemons. The Department recently issued a set of FAQs,...more
Still grappling with the aftershocks of the Schrems II decision from the CJEU on July 16 (we previously discussed the Schrems II decision here), the European Data Protection Board (“EDPB”) has issued a Frequently Asked...more
The EDPB has provided input about consent in its recent FAQs responding to the Schrems II invalidation of Privacy Shield. As we wrote about previously in this series, Schrems II impacted how companies transfer data from the...more
In our Schrems II Practical Guidance special reports, members of McDermott’s internationally recognized Global Privacy & Cybersecurity group have outlined practical guidance and next steps to ensure your business is prepared...more
Key Takeaways - The EU-U.S. Privacy Shield does not ensure an adequate level of protection of personal data and is therefore not a lawful basis for data transfers to the U.S....more
On July 16, 2020, the Court of Justice of the European Union (CJEU) struck down the EU-U.S. Privacy Shield as a valid mechanism for transferring personal data from the European Economic Area (EEA) to the United States...more
PRIVACY, HIPAA, SECURITY AND GDPR - The introduction and spread of COVID-19 to communities across the globe has created numerous privacy and security compliance questions and challenges. Below, we address several frequently...more
Since the referendum to leave the EU rocked the UK in 2016, commentators, privacy personnel, and corporate officers alike have been speculating as to how Brexit will affect Britain’s subjugation to the General Data Protection...more
The European Commission and the Personal Information Protection Commission of Japan have agreed mutual adequacy decisions regarding the transfer of personal data. This is a significant development, and allows businesses to...more
The California Consumer Privacy Act ("CCPA") was enacted in early 2018 as a political compromise to stave off a poorly drafted, and plaintiff’s friendly ballot initiative. Although the CCPA is scheduled to go into force in...more
In this month's edition of our Privacy & Cybersecurity Update, we examine a declaration on ethical considerations for artificial intelligence, the annual joint review of the Privacy Shield, a new lawsuit from a snack food...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the European Data Protection Board's published opinions on data protection impact assessments, an Ohio court's ruling that bitcoin is covered insured...more
The June 23, 2016 Brexit referendum outcome in the U.K. does create uncertainty about whether the U.K. will continue to follow EU data protection laws, including implementation of the E.U.'s new General Data Protection...more
The European Court of Justice has declared invalid the Safe Harbor data-transfer agreement that has governed EU data flows across the Atlantic for the last 15 years. Thousands of U.S. companies have relied on the Safe Harbor...more
Following the ECJ’s decision in the “Schrems” case which has invalidated the Safe Harbor framework multinational corporations may now face profound privacy law related compliance issues in a multitude of jurisdictions. In the...more